Auth.php 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
  1. <?php namespace Manage\Lib;
  2. use Dever;
  3. class Auth
  4. {
  5. protected $login = true;
  6. public $uid;
  7. protected $user;
  8. protected $system;
  9. protected $system_info;
  10. protected $info;
  11. protected $func;
  12. public $data = array();
  13. public function __construct($set = false)
  14. {
  15. $info = Dever::load('common', 'manage')->auth();
  16. if (!$info && $this->login) {
  17. $info['uid'] = 1;
  18. $info['extend']['system_id'] = 'no';
  19. $info['extend']['system_id'] = 1;
  20. $info['extend']['info_id'] = 1;
  21. $info['extend']['module_id'] = 1;
  22. $info['extend']['data_id'] = 1;
  23. #Dever::error('请先登录');
  24. }
  25. $this->system = Dever::db('system', 'manage')->find($info['extend']['system_id']);
  26. if (!$this->system) {
  27. Dever::error('当前系统不存在');
  28. }
  29. $this->system_info = Dever::db($this->system['info_table'])->find($info['extend']['info_id']);
  30. if (!$this->system) {
  31. Dever::error('当前系统设置错误');
  32. }
  33. $this->uid = $info['uid'];
  34. $this->user = Dever::db($this->system['user_table'])->find($this->uid);
  35. if (!$this->user) {
  36. Dever::error('请先登录');
  37. }
  38. $this->user['table'] = $this->system['user_table'];
  39. $this->user['auth'] = array('module' => '', 'menu' => '', 'func' => '');
  40. if ($this->user['role']) {
  41. $role = Dever::db($this->system['role_table'])->select(array('id' => array('in', $this->user['role'])));
  42. foreach ($role as $k => $v) {
  43. $this->user['auth']['module'] .= $v['module'] . ',';
  44. $this->user['auth']['menu'] .= $v['menu'] . ',';
  45. $this->user['auth']['func'] .= $v['auth'] . ',';
  46. }
  47. }
  48. if ($this->user['auth']['module']) {
  49. $this->user['auth']['module'] = rtrim($this->user['auth']['module'], ',');
  50. }
  51. if ($this->user['auth']['menu']) {
  52. $this->user['auth']['menu'] = rtrim($this->user['auth']['menu'], ',');
  53. }
  54. if ($this->user['auth']['func']) {
  55. $this->user['auth']['func'] = ',' . $this->user['auth']['func'];
  56. }
  57. $this->user['select'] = $info['extend'] ?? false;
  58. if (!$this->user['select']) {
  59. # 分别为系统id,系统基本信息id,模块id,模块数据id
  60. $this->user['select'] = array('partition' => 'no', 'system_id' => 1, 'info_id' => 1, 'module_id' => 1, 'data_id' => 1);
  61. }
  62. $this->checkModule($this->user['select']['module_id']);
  63. if ($set) {
  64. Dever::$data['muser'] = $this->user;
  65. }
  66. }
  67. # 设置功能权限
  68. public function getFunc($key, $name, $sort = 1, $param = '')
  69. {
  70. if (!$key) {
  71. $key = md5(base64_encode($name));
  72. }
  73. /*
  74. if ($param) {
  75. if (is_array($param)) {
  76. $param = Dever::json_encode($name);
  77. }
  78. $key = $key . '_' . md5($param);
  79. }*/
  80. if (!$this->menu) {
  81. return false;
  82. }
  83. $data['menu_id'] = $this->menu['id'];
  84. $data['key'] = $key;
  85. $key = $key . $data['menu_id'];
  86. if (isset($this->func[$key]['id'])) {
  87. return $this->func[$key]['id'];
  88. }
  89. $this->func[$key] = Dever::db('menu_func', 'manage')->find($data);
  90. $name = $this->menu['name'] . '-' . $name;
  91. if (!$this->func[$key]) {
  92. $data['name'] = $name;
  93. $data['sort'] = $sort;
  94. $id = Dever::db('menu_func', 'manage')->insert($data);
  95. Dever::db('menu', 'manage')->update($this->menu['id'], array('func' => 1));
  96. } else {
  97. /*
  98. if ($info['name'] != $name) {
  99. $data['name'] = $name;
  100. $data['sort'] = $sort;
  101. Dever::db('menu_func', 'manage')->update($info['id'], $data);
  102. Dever::db('menu', 'manage')->update($this->menu['id'], array('func' => 1));
  103. }*/
  104. $id = $this->func[$key]['id'];
  105. }
  106. if ($this->user['id'] == 1) {
  107. return $id;
  108. }
  109. if ($this->user['auth']['func'] && strstr($this->user['auth']['func'], ',' . $id . ',')) {
  110. return $id;
  111. }
  112. return false;
  113. }
  114. # 检测系统模块权限
  115. protected function checkModule($module_id)
  116. {
  117. if ($this->user['id'] == 1) {
  118. return;
  119. }
  120. if ($this->user['auth']['module'] && !Dever::check($this->user['auth']['module'], $module_id)) {
  121. Dever::error('无系统权限');
  122. }
  123. }
  124. # 检测菜单权限
  125. protected function checkMenu($menu, $result = true)
  126. {
  127. if ($this->user['id'] == 1) {
  128. if ($result) {
  129. return false;
  130. }
  131. return;
  132. }
  133. if ($this->user['auth']['menu'] && !Dever::check($this->user['auth']['menu'], $menu)) {
  134. if ($result) {
  135. return true;
  136. }
  137. Dever::error('无菜单访问权限');
  138. }
  139. if ($result) {
  140. return false;
  141. }
  142. }
  143. # 检测功能权限
  144. protected function checkFunc()
  145. {
  146. $id = Dever::input('func');
  147. if (!$id) {
  148. return false;
  149. }
  150. if ($this->user['id'] == 1) {
  151. return $id;
  152. }
  153. if ($this->user['auth']['func'] && strstr($this->user['auth']['func'], ',' . $id . ',')) {
  154. return $id;
  155. }
  156. if (isset($this->menu) && $this->menu && $this->menu['show'] != 1) {
  157. return $id;
  158. }
  159. Dever::error('无操作权限');
  160. }
  161. }